c443ef0cadc12797acfe7c7e5940b74e3b793cd5ba0298d8faea79e73d38858b

Analysis

max time kernel
142s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
24-12-2023 22:05

Target

147b4bf14a27d5da315206ea9ec05f7f.exe
Size

167KB
MD5

147b4bf14a27d5da315206ea9ec05f7f
SHA1

1fa5cdc1a83bbe9184b1b26dde614ba5bcaf740d
SHA256

c443ef0cadc12797acfe7c7e5940b74e3b793cd5ba0298d8faea79e73d38858b
SHA512

887c76c453888ed95678497720790b5ab6196303194a8fc4c1198367b42b38d9edbdd35df671737651c698ac964fb86e98f96e58b6470a3887f99a97a63cba34
SSDEEP

3072:Brs5ofQfSTx/00mjlPCyi9EV52qLNqpi+O/a180E9fnjMqkH88wNZTvxLxm2:BQ5oYfSBClKl9O52qpCi+ua18N9PjMqv

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4212 set thread context of 5012	4212	147b4bf14a27d5da315206ea9ec05f7f.exe	91

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 4212 wrote to memory of 5012	4212	147b4bf14a27d5da315206ea9ec05f7f.exe	91
PID 4212 wrote to memory of 5012	4212	147b4bf14a27d5da315206ea9ec05f7f.exe	91
PID 4212 wrote to memory of 5012	4212	147b4bf14a27d5da315206ea9ec05f7f.exe	91
PID 4212 wrote to memory of 5012	4212	147b4bf14a27d5da315206ea9ec05f7f.exe	91
PID 4212 wrote to memory of 5012	4212	147b4bf14a27d5da315206ea9ec05f7f.exe	91
PID 4212 wrote to memory of 5012	4212	147b4bf14a27d5da315206ea9ec05f7f.exe	91
PID 4212 wrote to memory of 5012	4212	147b4bf14a27d5da315206ea9ec05f7f.exe	91
PID 4212 wrote to memory of 5012	4212	147b4bf14a27d5da315206ea9ec05f7f.exe	91

C:\Users\Admin\AppData\Local\Temp\147b4bf14a27d5da315206ea9ec05f7f.exe
"C:\Users\Admin\AppData\Local\Temp\147b4bf14a27d5da315206ea9ec05f7f.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:4212
- C:\Users\Admin\AppData\Local\Temp\147b4bf14a27d5da315206ea9ec05f7f.exe
  C:\Users\Admin\AppData\Local\Temp\147b4bf14a27d5da315206ea9ec05f7f.exe
  2⤵
  PID:5012

memory/4212-1-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/5012-3-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/5012-4-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/5012-5-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/5012-0-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download